terraform-generator
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill instructions do not contain any patterns intended to bypass AI safety filters or override system-level instructions. It uses structured requirements and a strict workflow to guide the agent.
- [DATA_EXFILTRATION]: No evidence of unauthorized data access or exfiltration. The skill explicitly instructs the agent to avoid hardcoding secrets and provides examples of using Terraform's
sensitivevariables and external secrets managers (AWS Secrets Manager, Azure Key Vault). - [REMOTE_CODE_EXECUTION]: The skill does not download or execute remote scripts. It calls a trusted internal skill (
devops-skills:terraform-validator) for validation. Local bash scripts provided in the repository are for maintainer CI checks and do not perform dangerous operations. - [COMMAND_EXECUTION]: The shell scripts located in the
scripts/directory are standard utility scripts for verifying documentation consistency and running linting (ShellCheck) and formatting (terraform fmt). They do not take untrusted user input or execute arbitrary commands. - [CREDENTIALS_UNSAFE]: The repository contains no hardcoded API keys, tokens, or passwords. All examples use placeholders or standard variable patterns designed to be populated securely by the end-user.
Audit Metadata